Skip Links

Secret security weapon

Vendors turn to OPSWAT to better their products.

By , Network World
April 10, 2006 12:09 AM ET

Network World - There are dozens of brands of anti-virus, anti-spyware, desktop firewall and VPN products, and Benny Czarny has made it his business to know them all inside and out.

Eight other engineers at OPSWAT, the San Francisco company that Czarny founded in 2002, do the same. Why? So that other IT companies, now gung-ho on the concept of checking for anti-virus, anti-spyware, VPN or patch updates before allowing network access, can spare themselves the time-consuming task of keeping up with all the security software brands out there.

Vendors such as Cisco, F5 Networks, Symantec and Juniper Networks license the OPSWAT code that checks for more than 400 versions of security software from more than 35 vendors. They embed the code, a software development kit (SDK), into their network-access control products.

This has made OPSWAT (which informally stands for Omni-Platform Security with Access Technologies), a security vendor to security vendors, supporting methods of network-access control ranging from Microsoft's Network Access Protection to Cisco's Network Admission Control.

The anti-virus answer

"What is anti-virus, is the question," says Czarny, a 34-year-old computer science graduate of Israel's Technion, Israeli Institute of Technology, who confesses to being a "bit nerdy" in his fascination with software code, which he started programming when he was 11 years old. "Anti-virus is configuring a system to scan and update."

Every anti-virus vendor, Czarny says, accomplishes this a different way - sometimes even differently in separate versions of the same product.

The API is supposed to be the direct path into how products work, so OPSWAT licenses every virus package it can find and seeks business relationships with as many vendors as it can to obtain the APIs.

But that approach doesn't always work.

"Sometimes vendors are open, sometimes they hide things," Czarny says. And he adds about the much-desired APIs: "Sometimes they just don't have them."

When OPSWAT meets those kinds of barriers, its software engineers in the United States and Israel have to dive into the security code using their own methods to be able to add the anti-virus software to the OPSWAT framework, which is basically an API for all other APIs.

Part of OPSWAT's mission is to uncover new anti-virus and anti-spyware companies. While McAfee, Symantec and Trend Micro have practically become household names in the United States, there are younger firms - such as Beijing Rising Technology, KingSoft and Jiangmin in China, and MicroWorld in India - that OPSWAT also works with.

"The reason we're contacting them is we have prospective customers based in East Asia that says these companies are important to our market, and we expect you to support them," says Tom Mullen, OPSWAT's vice president of business development.

Getting through the language barrier is a struggle, because the OPSWAT engineers don't speak Mandarin or other Asian languages, but sometimes OPSWAT's large global customers help with translation, Mullen says.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News